Forbes CommunityVoice™ allows professional fee-based membership groups ("communities") to connect directly with the Forbes audience by enabling them to create content – and participate in the conversation – on the Forbes digital publishing platform. Each topic-based CommunityVoice™ is produced and managed by the group.

Opinions expressed within Forbes CommunityVoice™ are those of the participating individuals.

Facebook has faced public backlash after the recently exposed Cambridge Analytica scandal. Although the social networking giant didn't know its customer data would be misused at the time of collection, many still feel Facebook should have done a better job of preventing an incident like this from happening in the first place.

These conversations surrounding data privacy and protection serve as a reminder to all brands that security and third-party vendor vetting should be a top priority. However, even with the best intentions, data breaches can still happen, and when they do, your business needs to be prepared to do some damage control.

Data breaches happen. The first step you want to take is conducting a top-to-bottom data audit to identify what's been affected by the breach. From there, keep your user base up to date. Taking responsibility for the breach and owning up goes a long way for retention. -Michael Lazar,ReadyCloud

2. Develop an immediate public response strategy, even if it's limited.

Before releasing any communication to the public, develop a strategy, ideally in less than 24 hours. While an apology is a necessary step, it's not the first; you have to know what you want to say and what you are going to do immediately following your initial statement. This approach involves identifying the right spokesperson and creating a means for monitoring the public's response beforehand. -Amber Micala Arnold,MWWPR

3. Respond as quickly as possible.

Facebook's biggest problem in responding to the Cambridge Analytica scandal serves as a cautionary tale. Instead of coming forward about the problem quickly, Facebook stonewalled and tried to intimidate journalists. According to our research, 60% of Americans want companies to respond to a crisiswithin 24 hours. It's like ripping off a Band-Aid: The faster you do it, the less it hurts. -Curtis Sparrer,Bospar

4. Provide deadlines for further information after the initial announcement.

Facebook is an honest company and it isn't sugarcoating the data breach that happened, but sometimes it is too little too late. Release the information about the breach right away. Don't wait for a plan to be developed before the news is released -- provide deadlines to the users on when you will release a plan of action and follow through. -Anshu Agarwal,Cedexis

5. Communicate clearly and effectively to internal and external stakeholders.

Fortunately, we’ve never experienced a customer data leak and hope it never happens. But in the case of any data breach, the first step is to maintain effective communication, both internal and external. Outline the entire situation for your team and explain to customers precisely what happened. Be sincere and provide as many details as needed. -Pawel Kijko,TimeCamp

Be a step ahead of the press and competitors looking to leverage your misfortune. Take control of the narrative and be transparent in admitting the mistakes that led to the breach. Highlight what you're doing to prevent future incidents and do everything possible to assure your customers that you have their backs. This will allow you to mitigate any damage to your brand and accelerate recovery time. -Xuan Liao,LisbonTech

7. Make sure your CEO is press ready.

Proactively inform press of the data breach before news headlines break, being selective about who you choose to share this information with. Based on the severity of the breach, be sure your CEO is prepared to speak to the press. Zuckerberg’s early reluctance to speak with media and lawmakers, instead sending middlemen to do the dirty work, helped put him in the position he finds himself in today. -Monica McCafferty, MCM Strategies LLC

8. Be honest and avoid getting defensive.

A common thread amongst companies that came out of data breaches relatively unscathed is honesty. This means working quickly internally to identify the full scope of the breach and then communicating that as simply as possible while staying honest. The second a CEO goes on the defensive or tries to cover up any aspect of a data breach is when users and customers start to flee. -Elisa Richardson,Eddie

9. Take responsibility.

When facing a data breach, a company should devise a statement taking responsibility for its actions. Taking responsibility will maintain credibility. People can forgive mistakes faster than silence. When a company is vague or slow to tell their story, the audience will fill in the blanks and write their own stories. Control your message. -Levitica "Lee" Watts,Smith, Gambrell & Russell, LLP

10. Show your customers they are your first priority.

Recognizing the data breach and addressing that the company's utmost priorities will be to combat, secure and protect the customers' information, regardless of who they are, will show that the company's dedication is to the customer. Regardless of any financial or reputational outcome the company might face after, the customers are always first. -David Isern,Texas Tech University College of Architecture (TTU CoA)

11. Draft a crisis and reputation management plan for next time.

If you don't have one already, draft and implement a crisis and reputation management plan for your company. This document will outline specific measures to take if and when a data breach (or other negative situation) occurs. It should include key spokespeople, talking points, tough questions and suggested answers, etc. Be proactive now so you are prepared for a potentially harmful moment later. -Glenn Gray,Buffalo Agency

Forbes Communications Council is an invitation-only, fee-based organization for senior-level communications and public relations executives. Find out if you qualify at forbescommcouncil.com/qualify